Home / os / winme

WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation

Posted on 22 November 2023

WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.

 

TOP